How Wi-Fi attackers are poisoning Web browsers
February 22, 2010 Computer Safety Tip
It has recently been confirmed by studies that Wi Fi networks in homes as well as places like coffee shops actually 
present us with a bigger security risk than we originally thought. Malicious online attackers are now able to literally intercede over wireless in order to infect users’ browser catches in order to present fake web sites with the hope of stealing data.
Mike Kershaw is a researcher and develop of the well know Kismet wireless network dector as well as intrusion detection system, spoke in this regard at the Black Hat conference.
Black Hat’s most notorious incidents: A quiz
“Once you’ve left Starbucks, you’re owned. I own your cache-control header,” he said. “You’re still loading the cache JavaScript when you go back to work.
“Open networks have no client protection,” said Kershaw, who also uses the handle Dragorn. “Nothing stops us from spoofing the [wireless access point] and talking directly to the client,” the user’s Wi-Fi-enabled device.
Knowledge gained from researchers over the past year, he said, is showing that browser-cache poisoning over Wi-Fi can be kept in a persistent state unless the user knows how to effectively empty the cache.
“Once the cache is poisoned, it’s going to stay there,” Kershaw said. This means that an attacker can intercede to “poison the URL” of the victim so that he will see a fake Web page when they try to visit a specific Web site or try to insert a “shim” that could “ship your internal pages off to a remote server once you’re in a VPN.”
Kershaw acknowledged he doesn’t know how widely attacks based on poisoning the browser cache via 802.11 actually are. But the potential for trouble is so evident he said he’d advise corporate security professionals to try to “forbid users from taking laptops onto open networks,” though he admitted, “Your users may lynch you.” He said some vendors, including Verizon, are looking at solving this problem with a custom client that is tied to specific operating systems.
This story, “How Wi-Fi attackers are poisoning Web browsers,” was originally published at NetworkWorld.com. Follow the latest developments in security at Network World.
